package com.cmdb.web.controller.system;

import java.time.LocalDate;
import java.time.ZoneId;
import java.time.format.DateTimeFormatter;
import java.time.temporal.ChronoUnit;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletResponse;

import com.cmdb.common.constant.Constants;
import com.cmdb.common.core.domain.model.LoginUser;
import com.cmdb.common.core.redis.RedisCache;
import com.cmdb.system.service.ISysConfigService;
import org.apache.commons.lang3.ArrayUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;
import com.cmdb.common.annotation.Log;
import com.cmdb.common.constant.UserConstants;
import com.cmdb.common.core.controller.BaseController;
import com.cmdb.common.core.domain.AjaxResult;
import com.cmdb.common.core.domain.entity.SysRole;
import com.cmdb.common.core.domain.entity.SysUser;
import com.cmdb.common.core.page.TableDataInfo;
import com.cmdb.common.enums.BusinessType;
import com.cmdb.common.utils.SecurityUtils;
import com.cmdb.common.utils.StringUtils;
import com.cmdb.common.utils.poi.ExcelUtil;
import com.cmdb.system.service.ISysPostService;
import com.cmdb.system.service.ISysRoleService;
import com.cmdb.system.service.ISysUserService;
import com.cmdb.common.utils.PasswordUtils;

/**
 * 用户信息
 * 
 * @author cyq
 */
@RestController
@RequestMapping("/system/user")
public class SysUserController extends BaseController
{
    @Autowired
    private ISysUserService userService;

    @Autowired
    private ISysRoleService roleService;

    @Autowired
    private ISysPostService postService;
    @Autowired
    private ISysConfigService configService;

    @Autowired
    private RedisCache redisCache;
    /**
     * 获取用户列表
     */
    @PreAuthorize("@ss.hasPermi('system:user:list')")
    @GetMapping("/list")
    public TableDataInfo list(SysUser user)
    {
        startPage();
        List<SysUser> list = userService.selectUserList(user);
        return getDataTable(list);
    }

    @Log(title = "用户管理", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:user:export')")
    @PostMapping("/export")
    public void export(HttpServletResponse response, SysUser user)
    {
        List<SysUser> list = userService.selectUserList(user);
        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
        util.exportExcel(response, list, "用户数据");
    }

    @Log(title = "用户管理", businessType = BusinessType.IMPORT)
    @PreAuthorize("@ss.hasPermi('system:user:import')")
    @PostMapping("/importData")
    public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception
    {
        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
        List<SysUser> userList = util.importExcel(file.getInputStream(),0);
        String operName = getUsername();
        String message = userService.importUser(userList, updateSupport, operName);
        return AjaxResult.success(message);
    }

    @PostMapping("/importTemplate")
    public void importTemplate(HttpServletResponse response)
    {
        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
        util.importTemplateExcel(response, "用户数据");
    }

    /**
     * 根据用户编号获取详细信息
     */
    @PreAuthorize("@ss.hasPermi('system:user:query')")
    @GetMapping(value = { "/", "/{userId}" })
    public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId)
    {
        userService.checkUserDataScope(userId);
        AjaxResult ajax = AjaxResult.success();
        List<SysRole> roles = roleService.selectRoleAll();
        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
        ajax.put("posts", postService.selectPostAll());
        if (StringUtils.isNotNull(userId))
        {
            ajax.put(AjaxResult.DATA_TAG, userService.selectUserById(userId));
            ajax.put("postIds", postService.selectPostListByUserId(userId));
            ajax.put("roleIds", roleService.selectRoleListByUserId(userId));
        }
        return ajax;
    }

    /**
     * 新增用户
     */
    @PreAuthorize("@ss.hasPermi('system:user:add')")
    @Log(title = "用户管理", businessType = BusinessType.INSERT)
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysUser user)
    {
        if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(user.getUserName())))
        {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，登录账号已存在");
        }
        else if (StringUtils.isNotEmpty(user.getPhonenumber())
                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
        {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，手机号码已存在");
        }
        else if (StringUtils.isNotEmpty(user.getEmail())
                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
        {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
        
        // 密码复杂度检测
        PasswordUtils.PasswordCheckResult checkResult = PasswordUtils.checkPasswordComplexity(user.getPassword());
        if (!checkResult.isValid()) {
            return AjaxResult.error("密码复杂度检测失败：" + checkResult.getMessage());
        }
        
        user.setCreateBy(getUsername());
        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
        return toAjax(userService.insertUser(user));
    }

    /**
     * 修改用户
     */
    @PreAuthorize("@ss.hasPermi('system:user:edit')")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysUser user)
    {
        userService.checkUserAllowed(user);
        if (StringUtils.isNotEmpty(user.getPhonenumber())
                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
        {
            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，手机号码已存在");
        }
        else if (StringUtils.isNotEmpty(user.getEmail())
                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
        {
            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
        user.setUpdateBy(getUsername());
//        user.setUserName(user.getNickName());
        return toAjax(userService.updateUser(user));
    }

    @PreAuthorize("@ss.hasPermi('system:user:list')")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @GetMapping("/userpwd")
    public AjaxResult userpwd()
    {
        LoginUser loginUser = SecurityUtils.getLoginUser();
        SysUser sysUser = userService.selectUserById(loginUser.getUserId());
        if(sysUser.isAdmin()){
            return AjaxResult.success();
        }
        String s60 = configService.selectConfigByKey("sys.account.update.pwd.banned");
        String s30= configService.selectConfigByKey("sys.account.update.pwd.alert");
        
        // 如果用户没有密码修改时间，说明是新用户，不需要检查
        if (sysUser.getUpdatepwd() == null) {
            return AjaxResult.error("请尽快修改密码");
        }
        
        String formattedDate = LocalDate
                .now(ZoneId.of("Asia/Shanghai"))
                .format(DateTimeFormatter.ISO_DATE);
        
        // 将Date转换为字符串格式
        String updatePwdDate = sysUser.getUpdatepwd().toInstant()
                .atZone(ZoneId.of("Asia/Shanghai"))
                .toLocalDate()
                .format(DateTimeFormatter.ISO_DATE);

        boolean isMoreThan60Days = checkDateDifference(updatePwdDate, formattedDate, Integer.parseInt(s60));
        if(isMoreThan60Days){
            sysUser.setStatus("1");
            userService.updateUser(sysUser);
            Collection<String> keys = redisCache.keys(Constants.LOGIN_TOKEN_KEY + "*");
            for (String key : keys){
                LoginUser user = redisCache.getCacheObject(key);
                if(user.getUserId().equals(loginUser.getUserId())){
                    String token = user.getToken();
                    redisCache.deleteObject(Constants.LOGIN_TOKEN_KEY + user.getToken());
                    break;
                }
            }
            //账号强制退出
            return AjaxResult.success("<UNK>");
        }
        
        // 检查是否超过30天（警告期）
        boolean isMoreThan30Days = checkDateDifference(updatePwdDate, formattedDate, Integer.parseInt(s30));
        if(isMoreThan30Days){
            return AjaxResult.error("请修改密码，否则到期将进行账号封禁");
        }
        return AjaxResult.success();
    }


    /**
     * 删除用户
     */
    @PreAuthorize("@ss.hasPermi('system:user:remove')")
    @Log(title = "用户管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{userIds}")
    public AjaxResult remove(@PathVariable Long[] userIds)
    {
        if (ArrayUtils.contains(userIds, getUserId()))
        {
            return error("当前用户不能删除");
        }
        return toAjax(userService.deleteUserByIds(userIds));
    }

    public static boolean checkDateDifference(String date1, String date2,Integer day) {
        DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd");

        // 解析日期字符串
        LocalDate firstDate = LocalDate.parse(date1, formatter);
        LocalDate secondDate = LocalDate.parse(date2, formatter);

        // 计算绝对日期差
        long daysDifference = Math.abs(ChronoUnit.DAYS.between(firstDate, secondDate));

        // 检查是否大于60天
        return daysDifference > day;
    }

    /**
     * 重置密码
     */
    @PreAuthorize("@ss.hasPermi('system:user:resetPwd')")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping("/resetPwd")
    public AjaxResult resetPwd(@RequestBody SysUser user)
    {
        userService.checkUserAllowed(user);
        
        // 密码复杂度检测
        PasswordUtils.PasswordCheckResult checkResult = PasswordUtils.checkPasswordComplexity(user.getPassword());
        if (!checkResult.isValid()) {
            return AjaxResult.error("密码复杂度检测失败：" + checkResult.getMessage());
        }
        
        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
        user.setUpdateBy(getUsername());
        return toAjax(userService.resetPwd(user));
    }

    /**
     * 状态修改
     */
    @PreAuthorize("@ss.hasPermi('system:user:edit')")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping("/changeStatus")
    public AjaxResult changeStatus(@RequestBody SysUser user)
    {
        userService.checkUserAllowed(user);
        user.setUpdateBy(getUsername());
        return toAjax(userService.updateUserStatus(user));
    }

    /**
     * 根据用户编号获取授权角色
     */
    @PreAuthorize("@ss.hasPermi('system:user:query')")
    @GetMapping("/authRole/{userId}")
    public AjaxResult authRole(@PathVariable("userId") Long userId)
    {
        AjaxResult ajax = AjaxResult.success();
        SysUser user = userService.selectUserById(userId);
        List<SysRole> roles = roleService.selectRolesByUserId(userId);
        ajax.put("user", user);
        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
        return ajax;
    }

    /**
     * 用户授权角色
     */
    @PreAuthorize("@ss.hasPermi('system:user:edit')")
    @Log(title = "用户管理", businessType = BusinessType.GRANT)
    @PutMapping("/authRole")
    public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
    {
        userService.insertUserAuth(userId, roleIds);
        return success();
    }
}
